Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to invoke Alfresco webservics using Kerberos credential

jparija
Champ in-the-making
Champ in-the-making

‎03-08-2011 07:09 AM

Hi Everybody,
I am trying to call an Alfresco web service where I would like to use kerberos ticket (or kerberos related info)for authentication purpose. Before we call any web service in Alfresco we are creating a cmis session which contains a kerberos user name and password obtained from LDAP server and then making calls to different web services. I have given a code snippet below which is working fine in making alfresco web service calls. My question is instead of passing user name and password directly is it possible to pass any kerberos ticket or any secured information related to it to make web service calls. I am trying to avoid sending the user name and password. Please help me if anyone has any idea about it. The code below is. The code is in Groovy.
               
        def createSession = { event ->
   def repositoryID = "9b3f27ac-b7c1-4e96-887e-d7208b6e5d53"
   def afrescoHost =  "localhost"  //IP address is also fine here
   def afrescoPort = "8080"
   def alfrescoURL = "http://" + afrescoHost +":" + afrescoPort
   def ACL_SERVICE = alfrescoURL + "/alfresco/cmis/ACLService?wsdl"
   def DISCOVERY_SERVICE = alfrescoURL + "/alfresco/cmis/DiscoveryService?wsdl"

        SessionFactory sessionFactory = SessionFactoryImpl.newInstance();
   def parameterMap = [:]

        /*Here we are passing clear kerberos user name and password obtained from LDAP server. This part I would like to avoid by sending Kerberos ticket */
   parameterMap.put(SessionParameter.USER, event.authentication.principal.username) //Here we are passing username
   parameterMap.put(SessionParameter.PASSWORD, event.authentication.credentials) //Here we are passing password: We are getting a clear password here.

        //Session Creation - Web Services Binding
   // connection settings
   parameterMap.put(SessionParameter.BINDING_TYPE, BindingType.WEBSERVICES.value());
   parameterMap.put(SessionParameter.REPOSITORY_ID, repositoryID);
   parameterMap.put(SessionParameter.WEBSERVICES_ACL_SERVICE, ACL_SERVICE);
   parameterMap.put(SessionParameter.WEBSERVICES_DISCOVERY_SERVICE, DISCOVERY_SERVICE);
   def afsession = sessionFactory.createSession (parameterMap) //Here itself it authenticates and next line makes one web service call.
        afsession.getRootFolder()?.getChildren()  // This works fine as authentication is successful.

The above code works perfectly fine. It's just I would like to use some kerberos ticket obtained from KDC instead of  sending user name and password. Is there any way to achieve that. Please post here.

Thanks,
Jimmy
Labels:
0 Kudos
1 REPLY 1

kronzucker
Champ in-the-making
Champ in-the-making

‎04-27-2011 09:17 AM

Hello jparija,

i have got the same problem and would like to know if you have found a solution to your problem?

Kind regards,
Georg
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC